01-05-2018 06:39 AM
I need instructions on creating the sdconf.rec file please.
Our documentation says:
The RSA administrative system generates an sdconf.rec file, which the RSA system administrator will provide to you. This file allows you to add Cisco ISE servers as RSA SecurID agents in the realm. You have to browse and add this file to Cisco ISE. By the process of replication, the primary Cisco ISE server distributes this file to all the secondary servers.
RSA documentation says: https://community.rsa.com/api/core/v3/contents/107510/data?v=1
Important: The UDP-based authentication agent’s hostname must resolve to the IP address specified.
1) is/are the agent hosts to be added the primary Admin or primary *and* secondary Admin? (I assume you *have* to put the IP address of the secondary)
2) if 1) is 'yes' then how do we achieve the requirement that authentication agent’s hostname must resolve to the IP address specified? - in the case of primary/secondary there are two IP addresses with two hostnames.
I have my installation working with the primary IP & hostname with the IP of the secondary as an alternate. I have not been able to show that the secondary is able to authenticate to the Token server.
Thanks.
Solved! Go to Solution.
01-05-2018 07:19 AM
All ISE nodes to auth against the RSA need to be added in the RSA server and then generate the configuration file, which is to be imported to ISE primary PAN.
01-05-2018 07:19 AM
All ISE nodes to auth against the RSA need to be added in the RSA server and then generate the configuration file, which is to be imported to ISE primary PAN.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide